From 220b17e2f8b7b80884be8edb033595786315d555 Mon Sep 17 00:00:00 2001 From: tobi Date: Tue, 16 Sep 2025 15:58:54 +0200 Subject: [PATCH] invert reject / allow to make default more sensible --- docs/configuration/instance.md | 16 ++++++++-------- example/config.yaml | 16 ++++++++-------- internal/config/config.go | 2 +- internal/config/helpers.gen.go | 32 ++++++++++++++++---------------- internal/middleware/useragent.go | 8 ++++---- test/envparsing.sh | 4 ++-- testrig/config.go | 2 +- 7 files changed, 40 insertions(+), 40 deletions(-) diff --git a/docs/configuration/instance.md b/docs/configuration/instance.md index 54036d7fb..f8d236537 100644 --- a/docs/configuration/instance.md +++ b/docs/configuration/instance.md @@ -230,14 +230,14 @@ instance-stats-mode: "" # Default: true instance-allow-backdating-statuses: true -# Bool. If set to true, then any HTTP requests coming into the instance, -# whether by client, web browser, or server-to-server requests, will be -# rejected if they do not identify themselves by setting a value on the -# request's User-Agent header. Since almost all HTTP clients provide -# *something* as a User-Agent value, leaving this set to "true" will -# likely not cause issues, but you can turn it off if necessary. +# Bool. If set to false (default), then any HTTP requests coming into the +# instance, whether by client, web browser, or server-to-server requests, +# will be rejected if they do not identify themselves by setting a value +# in the User-Agent header. Since almost all HTTP clients provide *something* +# as a User-Agent value, leaving this set to false will likely not cause +# issues, but you can set it to true if it's necessary for some clients. # # Options: [true, false] -# Default: true -instance-reject-empty-user-agents: true +# Default: false +instance-allow-empty-user-agents: false ``` diff --git a/example/config.yaml b/example/config.yaml index dab55f2a3..8766598af 100644 --- a/example/config.yaml +++ b/example/config.yaml @@ -529,16 +529,16 @@ instance-stats-mode: "" # Default: true instance-allow-backdating-statuses: true -# Bool. If set to true, then any HTTP requests coming into the instance, -# whether by client, web browser, or server-to-server requests, will be -# rejected if they do not identify themselves by setting a value on the -# request's User-Agent header. Since almost all HTTP clients provide -# *something* as a User-Agent value, leaving this set to "true" will -# likely not cause issues, but you can turn it off if necessary. +# Bool. If set to false (default), then any HTTP requests coming into the +# instance, whether by client, web browser, or server-to-server requests, +# will be rejected if they do not identify themselves by setting a value +# in the User-Agent header. Since almost all HTTP clients provide *something* +# as a User-Agent value, leaving this set to "false" will likely not cause +# issues, but you can set it to "true" if necessary for some clients. # # Options: [true, false] -# Default: true -instance-reject-empty-user-agents: true +# Default: false +instance-allow-empty-user-agents: false ########################### ##### ACCOUNTS CONFIG ##### diff --git a/internal/config/config.go b/internal/config/config.go index 6dbe5dd86..3e3167eca 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -105,7 +105,7 @@ type Configuration struct { InstanceSubscriptionsProcessEvery time.Duration `name:"instance-subscriptions-process-every" usage:"Period to elapse between instance subscriptions processing jobs, starting from instance-subscriptions-process-from."` InstanceStatsMode string `name:"instance-stats-mode" usage:"Allows you to customize the way stats are served to crawlers: one of '', 'serve', 'zero', 'baffle'. Home page stats remain unchanged."` InstanceAllowBackdatingStatuses bool `name:"instance-allow-backdating-statuses" usage:"Allow local accounts to backdate statuses using the scheduled_at param to /api/v1/statuses"` - InstanceRejectEmptyUserAgents bool `name:"instance-reject-empty-user-agents" usage:"Reject all incoming HTTP requests that do not have a User-Agent header set"` + InstanceAllowEmptyUserAgents bool `name:"instance-allow-empty-user-agents" usage:"Allow incoming HTTP requests that do not have a User-Agent header set"` AccountsRegistrationOpen bool `name:"accounts-registration-open" usage:"Allow anyone to submit an account signup request. If false, server will be invite-only."` AccountsReasonRequired bool `name:"accounts-reason-required" usage:"Do new account signups require a reason to be submitted on registration?"` diff --git a/internal/config/helpers.gen.go b/internal/config/helpers.gen.go index 93f724aef..a67ed7916 100644 --- a/internal/config/helpers.gen.go +++ b/internal/config/helpers.gen.go @@ -77,7 +77,7 @@ const ( InstanceSubscriptionsProcessEveryFlag = "instance-subscriptions-process-every" InstanceStatsModeFlag = "instance-stats-mode" InstanceAllowBackdatingStatusesFlag = "instance-allow-backdating-statuses" - InstanceRejectEmptyUserAgentsFlag = "instance-reject-empty-user-agents" + InstanceAllowEmptyUserAgentsFlag = "instance-allow-empty-user-agents" AccountsRegistrationOpenFlag = "accounts-registration-open" AccountsReasonRequiredFlag = "accounts-reason-required" AccountsRegistrationDailyLimitFlag = "accounts-registration-daily-limit" @@ -278,7 +278,7 @@ func (cfg *Configuration) RegisterFlags(flags *pflag.FlagSet) { flags.Duration("instance-subscriptions-process-every", cfg.InstanceSubscriptionsProcessEvery, "Period to elapse between instance subscriptions processing jobs, starting from instance-subscriptions-process-from.") flags.String("instance-stats-mode", cfg.InstanceStatsMode, "Allows you to customize the way stats are served to crawlers: one of '', 'serve', 'zero', 'baffle'. Home page stats remain unchanged.") flags.Bool("instance-allow-backdating-statuses", cfg.InstanceAllowBackdatingStatuses, "Allow local accounts to backdate statuses using the scheduled_at param to /api/v1/statuses") - flags.Bool("instance-reject-empty-user-agents", cfg.InstanceRejectEmptyUserAgents, "Reject all incoming HTTP requests that do not have a User-Agent header set") + flags.Bool("instance-allow-empty-user-agents", cfg.InstanceAllowEmptyUserAgents, "Allow incoming HTTP requests that do not have a User-Agent header set") flags.Bool("accounts-registration-open", cfg.AccountsRegistrationOpen, "Allow anyone to submit an account signup request. If false, server will be invite-only.") flags.Bool("accounts-reason-required", cfg.AccountsReasonRequired, "Do new account signups require a reason to be submitted on registration?") flags.Int("accounts-registration-daily-limit", cfg.AccountsRegistrationDailyLimit, "Limit amount of approved account sign-ups allowed per 24hrs before registration is closed. 0 or less = no limit.") @@ -471,7 +471,7 @@ func (cfg *Configuration) MarshalMap() map[string]any { cfgmap["instance-subscriptions-process-every"] = cfg.InstanceSubscriptionsProcessEvery cfgmap["instance-stats-mode"] = cfg.InstanceStatsMode cfgmap["instance-allow-backdating-statuses"] = cfg.InstanceAllowBackdatingStatuses - cfgmap["instance-reject-empty-user-agents"] = cfg.InstanceRejectEmptyUserAgents + cfgmap["instance-allow-empty-user-agents"] = cfg.InstanceAllowEmptyUserAgents cfgmap["accounts-registration-open"] = cfg.AccountsRegistrationOpen cfgmap["accounts-reason-required"] = cfg.AccountsReasonRequired cfgmap["accounts-registration-daily-limit"] = cfg.AccountsRegistrationDailyLimit @@ -1022,11 +1022,11 @@ func (cfg *Configuration) UnmarshalMap(cfgmap map[string]any) error { } } - if ival, ok := cfgmap["instance-reject-empty-user-agents"]; ok { + if ival, ok := cfgmap["instance-allow-empty-user-agents"]; ok { var err error - cfg.InstanceRejectEmptyUserAgents, err = cast.ToBoolE(ival) + cfg.InstanceAllowEmptyUserAgents, err = cast.ToBoolE(ival) if err != nil { - return fmt.Errorf("error casting %#v -> bool for 'instance-reject-empty-user-agents': %w", ival, err) + return fmt.Errorf("error casting %#v -> bool for 'instance-allow-empty-user-agents': %w", ival, err) } } @@ -3313,27 +3313,27 @@ func GetInstanceAllowBackdatingStatuses() bool { return global.GetInstanceAllowB // SetInstanceAllowBackdatingStatuses safely sets the value for global configuration 'InstanceAllowBackdatingStatuses' field func SetInstanceAllowBackdatingStatuses(v bool) { global.SetInstanceAllowBackdatingStatuses(v) } -// GetInstanceRejectEmptyUserAgents safely fetches the Configuration value for state's 'InstanceRejectEmptyUserAgents' field -func (st *ConfigState) GetInstanceRejectEmptyUserAgents() (v bool) { +// GetInstanceAllowEmptyUserAgents safely fetches the Configuration value for state's 'InstanceAllowEmptyUserAgents' field +func (st *ConfigState) GetInstanceAllowEmptyUserAgents() (v bool) { st.mutex.RLock() - v = st.config.InstanceRejectEmptyUserAgents + v = st.config.InstanceAllowEmptyUserAgents st.mutex.RUnlock() return } -// SetInstanceRejectEmptyUserAgents safely sets the Configuration value for state's 'InstanceRejectEmptyUserAgents' field -func (st *ConfigState) SetInstanceRejectEmptyUserAgents(v bool) { +// SetInstanceAllowEmptyUserAgents safely sets the Configuration value for state's 'InstanceAllowEmptyUserAgents' field +func (st *ConfigState) SetInstanceAllowEmptyUserAgents(v bool) { st.mutex.Lock() defer st.mutex.Unlock() - st.config.InstanceRejectEmptyUserAgents = v + st.config.InstanceAllowEmptyUserAgents = v st.reloadToViper() } -// GetInstanceRejectEmptyUserAgents safely fetches the value for global configuration 'InstanceRejectEmptyUserAgents' field -func GetInstanceRejectEmptyUserAgents() bool { return global.GetInstanceRejectEmptyUserAgents() } +// GetInstanceAllowEmptyUserAgents safely fetches the value for global configuration 'InstanceAllowEmptyUserAgents' field +func GetInstanceAllowEmptyUserAgents() bool { return global.GetInstanceAllowEmptyUserAgents() } -// SetInstanceRejectEmptyUserAgents safely sets the value for global configuration 'InstanceRejectEmptyUserAgents' field -func SetInstanceRejectEmptyUserAgents(v bool) { global.SetInstanceRejectEmptyUserAgents(v) } +// SetInstanceAllowEmptyUserAgents safely sets the value for global configuration 'InstanceAllowEmptyUserAgents' field +func SetInstanceAllowEmptyUserAgents(v bool) { global.SetInstanceAllowEmptyUserAgents(v) } // GetAccountsRegistrationOpen safely fetches the Configuration value for state's 'AccountsRegistrationOpen' field func (st *ConfigState) GetAccountsRegistrationOpen() (v bool) { diff --git a/internal/middleware/useragent.go b/internal/middleware/useragent.go index ca79de068..894d669cc 100644 --- a/internal/middleware/useragent.go +++ b/internal/middleware/useragent.go @@ -30,8 +30,8 @@ import ( // which aborts requests with empty user agent // strings, returning code 418 - I'm a teapot. // -// If `instance-reject-empty-user-agents` is -// false, it just logs a debug msg instead. +// If `instance-allow-empty-user-agents` is +// true, it logs a debug msg instead of aborting. func UserAgentOrTeapot() gin.HandlerFunc { // Build variables outside the handler @@ -39,7 +39,7 @@ func UserAgentOrTeapot() gin.HandlerFunc { // time a request is processed. var ( rsp = []byte(`{"error": "I'm a teapot: no user-agent sent with request"}`) - rejectEmpty = config.GetInstanceRejectEmptyUserAgents() + allowEmpty = config.GetInstanceAllowEmptyUserAgents() ) return func(c *gin.Context) { @@ -49,7 +49,7 @@ func UserAgentOrTeapot() gin.HandlerFunc { return } - if !rejectEmpty { + if allowEmpty { // No user-agent was // set but that's OK. log.Debugf( diff --git a/test/envparsing.sh b/test/envparsing.sh index dc0bd5e5a..5d9250262 100755 --- a/test/envparsing.sh +++ b/test/envparsing.sh @@ -112,6 +112,7 @@ EXPECT=$(cat << "EOF" "http-client-timeout": 30000000000, "http-client-tls-insecure-skip-verify": false, "instance-allow-backdating-statuses": true, + "instance-allow-empty-user-agents": true, "instance-deliver-to-shared-inboxes": false, "instance-expose-allowlist": true, "instance-expose-allowlist-web": true, @@ -127,7 +128,6 @@ EXPECT=$(cat << "EOF" "nl", "en-GB" ], - "instance-reject-empty-user-agents": false, "instance-stats-mode": "baffle", "instance-subscriptions-process-every": 86400000000000, "instance-subscriptions-process-from": "23:00", @@ -253,6 +253,7 @@ GTS_TLS_MODE='' \ GTS_DB_TLS_CA_CERT='' \ GTS_WEB_TEMPLATE_BASE_DIR='/root' \ GTS_WEB_ASSET_BASE_DIR='/root' \ +GTS_INSTANCE_ALLOW_EMPTY_USER_AGENTS="true" \ GTS_INSTANCE_EXPOSE_PEERS=true \ GTS_INSTANCE_EXPOSE_BLOCKLIST=true \ GTS_INSTANCE_EXPOSE_BLOCKLIST_WEB=true \ @@ -265,7 +266,6 @@ GTS_INSTANCE_FEDERATION_SPAM_FILTER=true \ GTS_INSTANCE_DELIVER_TO_SHARED_INBOXES=false \ GTS_INSTANCE_INJECT_MASTODON_VERSION=true \ GTS_INSTANCE_LANGUAGES="nl,en-gb" \ -GTS_INSTANCE_REJECT_EMPTY_USER_AGENTS="false" \ GTS_INSTANCE_STATS_MODE="baffle" \ GTS_ACCOUNTS_ALLOW_CUSTOM_CSS=true \ GTS_ACCOUNTS_CUSTOM_CSS_LENGTH=5000 \ diff --git a/testrig/config.go b/testrig/config.go index 505dbb1a0..6eabbd72f 100644 --- a/testrig/config.go +++ b/testrig/config.go @@ -107,7 +107,7 @@ func testDefaults() config.Configuration { InstanceSubscriptionsProcessFrom: "23:00", // 11pm, InstanceSubscriptionsProcessEvery: 24 * time.Hour, // 1/day. InstanceAllowBackdatingStatuses: true, - InstanceRejectEmptyUserAgents: false, + InstanceAllowEmptyUserAgents: true, AccountsRegistrationOpen: true, AccountsReasonRequired: true,